Top
image credit: Pixabay

Exchange Server attacks: Microsoft shares intelligence on post-compromise activities

March 26, 2021

Via: ZDnet
Category:

Many on-premises Exchange servers are being patched, but Microsoft warns that its investigations have found multiple threats lurking on already-compromised systems.

Microsoft is raising an alarm over potential follow-on attacks targeting already compromised Exchange servers, especially if the attackers used web shell scripts to gain persistence on the server, or where the attacker stole credentials during earlier attacks.

Microsoft released patches for Exchange on-premises systems on March 2. Four Exchange bugs were already under attack from a state-sponsored hacking group called Hafnium.

Read More on ZDnet